Vulnerabilities > Canonical > Ubuntu Linux > Medium

DATE CVE VULNERABILITY TITLE RISK
2016-05-20 CVE-2016-1833 Out-of-bounds Read vulnerability in multiple products
The htmlCurrentChar function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted XML document.
4.3
2016-05-11 CVE-2016-3712 Integer Overflow or Wraparound vulnerability in multiple products
Integer overflow in the VGA module in QEMU allows local guest OS users to cause a denial of service (out-of-bounds read and QEMU process crash) by editing VGA registers in VBE mode.
5.5
2016-05-10 CVE-2016-4556 Double free vulnerability in Esi.cc in Squid 3.x before 3.5.18 and 4.x before 4.0.10 allows remote servers to cause a denial of service (crash) via a crafted Edge Side Includes (ESI) response.
network
low complexity
squid-cache oracle canonical
5.0
2016-05-10 CVE-2016-4555 Improper Input Validation vulnerability in multiple products
client_side_request.cc in Squid 3.x before 3.5.18 and 4.x before 4.0.10 allows remote servers to cause a denial of service (crash) via crafted Edge Side Includes (ESI) responses.
network
low complexity
squid-cache canonical oracle CWE-20
5.0
2016-05-10 CVE-2016-4554 Insufficient Verification of Data Authenticity vulnerability in multiple products
mime_header.cc in Squid before 3.5.18 allows remote attackers to bypass intended same-origin restrictions and possibly conduct cache-poisoning attacks via a crafted HTTP Host header, aka a "header smuggling" issue.
network
low complexity
oracle squid-cache canonical CWE-345
5.0
2016-05-10 CVE-2016-4553 Insufficient Verification of Data Authenticity vulnerability in multiple products
client_side.cc in Squid before 3.5.18 and 4.x before 4.0.10 does not properly ignore the Host header when absolute-URI is provided, which allows remote attackers to conduct cache-poisoning attacks via an HTTP request.
network
low complexity
canonical squid-cache oracle CWE-345
5.0
2016-05-09 CVE-2016-4476 Improper Input Validation vulnerability in multiple products
hostapd 0.6.7 through 2.5 and wpa_supplicant 0.6.7 through 2.5 do not reject \n and \r characters in passphrase parameters, which allows remote attackers to cause a denial of service (daemon outage) via a crafted WPS operation.
network
low complexity
w1-fi canonical CWE-20
5.0
2016-05-05 CVE-2016-4008 Resource Management Errors vulnerability in multiple products
The _asn1_extract_der_octet function in lib/decoding.c in GNU Libtasn1 before 4.8, when used without the ASN1_DECODE_FLAG_STRICT_DER flag, allows remote attackers to cause a denial of service (infinite recursion) via a crafted certificate.
network
high complexity
canonical opensuse gnu fedoraproject CWE-399
5.9
2016-05-05 CVE-2016-3718 Server-Side Request Forgery (SSRF) vulnerability in multiple products
The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted image.
5.5
2016-05-05 CVE-2016-3717 Information Exposure vulnerability in multiple products
The LABEL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to read arbitrary files via a crafted image.
local
low complexity
canonical redhat imagemagick CWE-200
5.5